Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1418579 - Use selinux when building ovirt-appliance
Use selinux when building ovirt-appliance
Status: CLOSED CURRENTRELEASE
Product: ovirt-appliance
Classification: oVirt
Component: Build (Show other bugs)
4.1
Unspecified Unspecified
high Severity medium (vote)
: ovirt-4.2.2
: ---
Assigned To: Yuval Turgeman
Gonza
: Improvement
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-02-02 03:50 EST by Yuval Turgeman
Modified: 2018-04-30 07:01 EDT (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
SELinux is now set to Enforcing by default in the ovirt-appliance.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2018-03-29 07:03:55 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Node
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
rule-engine: ovirt‑4.2+
grafuls: testing_plan_complete-
sbonazzo: devel_ack+
lsvaty: testing_ack+

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
oVirt gerrit 80451 master MERGED cloud-init: add cloud_init_t to permissive list 2017-10-16 11:58 EDT

  None (edit)
Description Yuval Turgeman 2017-02-02 03:50:33 EST 
Today the kickstart for building ovirt-appliance sets selinux --permissive, we need to check if it can be changed to enforcing.
Comment 1 Yuval Turgeman 2017-06-05 06:33:09 EDT 
This was reverted since engine-setup (firewall-cmd) hangs in selinux when run from cloud-ini (missing transition from cloud_init_t to firewalld_t)
Comment 2 Red Hat Bugzilla Rules Engine 2017-06-05 06:33:14 EDT 
Target release should be placed once a package build is known to fix a issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for a oVirt release.
Comment 3 Sandro Bonazzola 2017-06-09 05:59:44 EDT 
Dropping code change, since this requires a full functional test once done.
Comment 4 Ryan Barry 2017-06-27 05:54:38 EDT 
Yuval - has a bug been filed against cloud-init for this?
Comment 5 Yuval Turgeman 2017-06-27 09:02:20 EDT 
Yes, not by us, though, but it's the same behavior, see bug 1126096
Comment 6 Yuval Turgeman 2017-06-29 09:21:45 EDT 
I just noticed that bug 1126096 was reported in 2014, could setenforce 0 or add cloud_init_t to permissive in our cloud-init script ?
Comment 8 Yaniv Kaul 2017-10-26 07:37:04 EDT 
Can this move to MODIFIED?
Comment 9 Sandro Bonazzola 2017-11-14 04:15:59 EST 
We need a patch in appliance code.
Comment 10 Gonza 2018-01-11 10:19:10 EST 
Checked on:
rhvm-appliance-20180103.0-1.x86_64.rhevm.ova

$ getenforce
Permissive
Comment 11 Red Hat Bugzilla Rules Engine 2018-01-11 10:19:16 EST 
Target release should be placed once a package build is known to fix a issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for a oVirt release.
Comment 13 Gonza 2018-02-21 04:19:33 EST 
Verified with:
rhvm-appliance-4.2-20180202.0.x86_64.rhevm.ova

# getenforce
Enforcing
Comment 14 Sandro Bonazzola 2018-03-29 07:03:55 EDT 
This bugzilla is included in oVirt 4.2.2 release, published on March 28th 2018.

Since the problem described in this bug report should be
resolved in oVirt 4.2.2 release, it has been closed with a resolution of CURRENT RELEASE.

If the solution does not work for you, please open a new bug report.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.